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DETAILED ACTION 



1. 



Claims 33-42 have been cancelled. 



2. 



Claims 23-32 have been examined. 



3. 



Responses to Applicant's Remarks have been given. 



Claim Rejections - 35 USC § 102 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the 
United States before the invention thereof by the applicant for patent, or on an international application 
by another who has fulfilled the requirements of paragraphs (1 ), (2), and (4) of section 371 (c) of this 
title before the invention thereof by the applicant for patent. 



The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act 
of 1999 (AlPA) and the Intellectual Property and High Technology Technical 
Amendments Act of 2002 do not apply when the reference is a U.S. patent resulting 
directly or indirectly from an international application filed before November 29, 2000. 
Therefore, the prior art date of the reference is determined under 35 U.S.C. 1 02(e) prior 
to the amendment by the AlPA (pre-AlPA 35 U.S.C. 102(e)). 

Claims 23-25 and 27-32 are rejected under 35 U.S.C. 102(e) as being 
anticipated by United States Patent No. 6,453,353 to Win et al., hereinafter Win. 
1 . Regarding claim 23, Win teaches a method for providing attribute data, said 
method comprising: 
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receiving a request from a user device via a networl^ for a virtual ID token relating to 
attribute information pertaining to a subscriber associated with the user device (Figures 
5A, 5C, column 2, lines 42-67); 

responsive to the request for the virtual ID token, reading a data record from a 
database, said data record comprising L attributes of the subscriber, L being at least 2 
(Figures 5a, 5b and 5e, column 10, lines 14-26 and 41-55, column 1 1 and lines 42-64); 
providing the data record to the user device via the network (Figures 1 , 2 and 6-8, 
column 5, lines 1-12 and column 26, lines 14-67, "remote computer can load the 
Instructions Into Its dynamic memory and send the Instructions over a telephone line via 
a modem" "Communication interface 918 provides a two-way data communication 
coupling to a network link 920 that is connected to a local network 922" and "Network 
link 920 typically provides data communication through one or more networks to other 
data devices"); 

receiving, from the user device via the network, a selection of M attributes of the L 
attributes, M being less than L (Figure 10b, column 26, lines 14-67, "remote computer 
can load the instructions into its dynamic memory and send the instructions over a 
telephone line via a modem", "Communication Interface 918 provides a two-way data 
communication coupling to a network link 920 that Is connected to a local network 922" 
and "Network link 920 typically provides data communication through one or more 
networks to other data devices"); 
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generating a virtual record including the M attributes selected from the data record, said 
virtual record comprising a virtual ID (VID) for identifying the virtual record (Figures 10a- 
10c, column 12, lines 32-55 and column 15, lines 35-52); 

storing the generated virtual record in the database (column 3, lines 7-40, "storing, in 
the database an association of each resource to one or more of the roles", column 5, 
lines 13-20, column 12, lines 32-55 and column 15, lines 35-52); 
and providing the virtual ID token to the user device via the network, wherein the virtual 
ID token comprises the VID (Figures 1 , 2 and 6-8, column 2, lines 42-67, column 5, 
lines 1-12 and column 26, lines 14-67, "remote computer can load the instructions into 
its dynamic memory and send the instructions over a telephone line via a modem" 
"Communication interface 918 provides a two-way data communication coupling to a 
network link 920 that is connected to a local network 922" and "Network link 920 
typically provides data communication through one or more networks to other data 
devices"), 

wherein an attribute information providing server performs said receiving the request for 
the virtual ID token, said reading the data record from the database, said providing the 
data record to the user device, said receiving the selection of M attributes, said 
generating the virtual record, said storing the generated virtual record in the database, 
and said providing the virtual ID token to the user device (column 3, lines 7-40, "storing, 
in the database an association of each resource to one or more of the roles", column 5, 
lines 13-20, column 11, lines 42-64, column 12, lines 32-55 and column 15, lines 35- 
52). 
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2. Regarding claim 24, Win teaches receiving a request comprising the VID for 
attribute information associated with the VID from an attribute information receiving 
apparatus via the network (Figures lOa-IOc, column 12, lines 32-55 and column 15, 
lines 35-52); 

reading the virtual record from the database in response to the request comprising the 
VID (column 3, lines 7-40, "storing, in the database an association of each resource to 
one or more of the roles", column 5, lines 1 3-20, column 1 1 , lines 42-64, column 1 2, 
lines 32-55 and column 15, lines 35-52); 

and after said reading, providing the virtual record to the attribute information receiving 
apparatus via the network (Figures 1,2 and 6-8, column 2, lines 42-67, column 5, lines 
1-12 and column 26, lines 14-67, "remote computer can load the instructions into its 
dynamic memory and send the instructions over a telephone line via a modem" 
"Communication interface 918 provides a two-way data communication coupling to a 
network link 920 that is connected to a local network 922" and "Network link 920 
typically provides data communication through one or more networks to other data 
devices"), 

wherein the attribute information providing server performs said receiving the request 
comprising the VID, said reading the virtual record from the database, and said 
providing the virtual record to the attribute information receiving apparatus (column 2, 
lines 42-67, column 3, lines 7-40, "storing, in the database an association of each 
resource to one or more of the roles", column 5, lines 13-20, column 12, lines 32-55 and 
column 15, lines 35-52). 
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3. Regarding claim 25, Win teaches wherein said providing the virtual record to the 
attribute information receiving apparatus is performed in manner that ensures that the 
virtual ID is concealed from the attribute information receiving apparatus when the 
virtual record is received by the attribute information receiving apparatus (Figures 3b, 
3c, 4, 5a-5e and 6, column 6, lines 41-54, column 8, lines 23-63, column 9, lines 41-60 
and column 10, lines 41-63). 

4. Regarding claim 27, Win teaches after said providing the virtual record to the 
attribute information receiving apparatus: 

providing, by the attribute information providing server, an attribute certificate to the 
attribute information receiving apparatus in relation to a new transaction between the 
subscriber and the attribute information receiving apparatus, wherein the attribute 
certificate pertains to the M attributes in the virtual record provided to the attribute 
information receiving apparatus (column 5, lines 66 and 67, column 6, lines 1-9, column 
17, lines 28-37, column 19, lines 56-63 and column 22, lines 41-46). 

5. Regarding claim 28, Win teaches wherein the attribute information providing 
server comprises: 

a customer record display unit for displaying the virtual record (Figures lOa-IOc, column 
17, lines 52-67 and column 18, lines 14-27); 

an attribute selection unit for extracting the M attributes from the data record prior to 
said generating the virtual record (Figures lOa-IOc, column 12, lines 32-55, column 15, 
lines 35-52 and column 16, lines 13-58); 
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a virtual record generation unit for performing said generating the virtual record (Figures 
lOa-IOc, column 12, lines 32-55, column 15, lines 35-52 and column 16, lines 13-58); 
a VID token issue unit for performing generating the virtual ID token prior to said 
providing the virtual token ID to the user device (Figures 5a, 5b and 5e, column 2, lines 
42-67, column 10, lines 14-26 and 41-55, column 11 and lines 42-64); 
a virtual record referencing unit for referencing the virtual record based on the VID prior 
to said providing the virtual record to the attribute information receiving apparatus 
(Figures lOa-IOc, column 12, lines 32-55, column 15, lines 35-52 and column 16, lines 
13-58); 

and a virtual record issue unit for performing said providing the virtual record to the 
attribute information receiving apparatus (Figures 1, 2 and 6-8, column 2, lines 42-67, 
column 5, lines 1-12 and column 26, lines 14-67, "remote computer can load the 
instructions into its dynamic memory and send the Instructions over a telephone line via 
a modem" "Communication interface 918 provides a two-way data communication 
coupling to a network link 920 that is connected to a local network 922" and "Network 
link 920 typically provides data communication through one or more networks to other 
data devices"). 

6. Regarding claim 29, Win teaches wherein the VID token further comprises a URL 
of the attribute information providing server (Figures 3a-3c, column 5, lines 13-21, 66 
and 67, column 6, lines 1-9 and 58-65, column 7, lines 45-57, column 8, lines 5-63 and 
column 14, lines 34-43 and 56-67). 
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7. Regarding claim 30, Win teaclnes wherein the attribute information providing 
server is selected from the group consisting of a financial institution, an Internet Service 
Provider (ISP), and a shopping site on the network (column 26, lines 44-67). 

8. Regarding claim 31 , Win teaches receiving a selection of Ml attributes of the L 
attributes in the data record, wherein the Ml attributes are not identical to the M 
attributes (Figure 10b, column 3, lines 7-40, "storing, in the database an association of 
each resource to one or more of the roles", column 5, lines 1 3-20, column 1 1 , lines 42- 
64, column 12, lines 32-55, column 15, lines 35-52 and column 26, lines 14-67, "remote 
computer can load the instructions into its dynamic memory and send the instructions 
over a telephone line via a modem" "Communication interface 918 provides a two-way 
data communication coupling to a network link 920 that is connected to a local network 
922" and "Network link 920 typically provides data communication through one or more 
networks to other data devices"); 

and storing a second virtual record in the database, wherein the second virtual record 
comprises the Ml attributes, and wherein the attribute information providing server 
performs said receiving the selection of Ml attributes and said storing the second virtual 
record in the database (column 3, lines 7-40, "storing, in the database an association of 
each resource to one or more of the roles", column 5, lines 13-20, column 1 1 , lines 42- 
64, column 12, lines 32-55 and column 15, lines 35-52). 

9. Regarding claim 32, Win teaches wherein the data record comprises a globally- 
unique ID (GID) serving as a primary key of the data record, wherein the VID is a 
primary key of the virtual record, and wherein the VID is independent of the GID 
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(Figures lOa-IOc, column 12, lines 32-55, column 15, lines 35-52 and column 16, lines 
13-58). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 
USPQ 459 (1966), that are applied for establishing a background for determining 
obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 

Claim 26 is rejected under 35 U.S.C. 103(a) as being unpatentable over Win as 

applied to claim 23, as cited above, and further in view of United States Patent No. 

6,834,272 to Naor et al., hereinafter Naor. 

10. Win significantly discloses the claimed invention as cited within claim 23; 
however Win fails to disclose the limitation found within claim 26. Naor discloses this 

limitation, as cited below. 

1 1 . Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to incorporate the teachings of Naor within the teachings 
of Win in order for "any number of parties, via a center, to collectively compute any 
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function in a manner that preserves tlie privacy of tlie individual private inputs of the 
parties to the collective computation, even after the computation of the function has 
been completed" {Naor- column 4, lines 46-58). 

1 2. Regarding claim 26, Naor teaches wherein said providing the virtual record to the 
attribute information receiving apparatus is performed using a 1-out-of-N OT (Oblivious 
Transfer) protocol (Figures 5 and 7, column 11, lines 30-67, column 12, lines 1-3 and 
34-44, column 13, lines 42-55, column 17, lines 35-66 and column 19, lines 52-64). 

Response to Arguments 

13. Applicant's arguments, see page 10, filed 01/28/08, with respect to the objection 
to the Specification have been fully considered and are persuasive. The objection to 
the Specification has been withdrawn. 

14. Applicant's arguments filed 01/28/08 have been fully considered but they are not 
persuasive. With regards to claim 23, the Examiner maintains the above-cited grounds 
of rejection, in particular but not limited to Figures 1, 2 and 6-8, column 5, lines 1-12, 
column 17, lines 28-38, "secure token" and column 26, lines 14-67, "remote computer 
can load the instructions into its dynamic memory and send the instructions over a 
telephone line via a modem" "Communication interface 918 provides a two-way data 
communication coupling to a network link 920 that is connected to a local network 922" 
and "Network link 920 typically provides data communication through one or more 
networks to other data devices". 

1 5. Further, a token is an encrypted identification of one valid user or group on an 
external authentication system. On page 13 of the Applicant's Specification, it is stated 
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that "In the general acquirement, the attribute Information receiving apparatus 50 
connects to the attribute Information providing server 10 by using the URL Included In 
the VID token, presents the VID, and acquires the virtual record." Win discloses this 
within, but not limited to, column 3, lines 7-40, "storing. In the database an association 
of each resource to one or more of the roles", column 5, lines 13-20, column 12, lines 
32-55 and column 15, lines 35-52. Thus, It Is broadly Interpreted by the Examiner that 
Win discloses. Inter alia, the token. 

Conclusion 

16. THIS ACTION IS MADE FINAL. Applicant Is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

1 7. A shortened statutory period for reply to this final action Is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply Is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action Is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

18. The prior art made of record and not relied upon Is considered pertinent to 
applicant's disclosure. 
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19. The following United States Patents and Patent Application Publication are cited 
to further show the state of the art with respect to the protection and usage of credential 
information, such as: 

United States Patent No. 6,915,271 to Meyer et al., which is cited to show a 
method and system for redeeming dynamically and adaptively characterized 
promotional incentives on a computer network. 

United States Patent No. 5,903,721 to Sixtus which is cited to show a method 
and system for secure online transaction processing. 

United States Patent No. 6,161,139 to Win et al., which is cited to show 
administrative roles that govern access to administrative functions. 

United States Patent No. 6,182,142 to Win et al., which is cited to show 
distributed access management of information resources. 

United States Patent No. 6,505,300 to Chan et al., which is cited to show a 
method and system for secure running of untrusted content. 

United States Patent No. 6,542,927 to Rhoads, which is cited to show the linking 
of computers based on steganographically embedded digital data. 

United States Patent No. 6,615,258 to Barry et al., which is cited to show an 
integrated customer interface for web based data management. 

United States Patent No. 6,714,979 to Brandt et al., which is cited to show a data 
warehousing infrastructure for web based reporting tool. 

United States Patent No. 4,926,479 to Goldwasser et al., which is cited to show a 
multiprover interactive verification system. 
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United States Patent Application Publication No. US 2001/0055388 to Kaliski, 
JR. which is cited to show server-assisted regeneration of a strong secret from a weak 
secret. 

United States Patent No. 7,290,056 to McLaughlin which is cited to show 
monitoring latency of a network to a network to manage termination of distributed 
transactions. 

20. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to JEREMIAH AVERY whose telephone number is 
(571)272-8627. The examiner can normally be reached on Monday thru Friday 8:30am- 
5pm. 

21 . If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571 ) 272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

22. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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/Jeremiah Avery/ 
Examiner, Art Unit 2131 
/Ayaz R. She\kh/ 

Supervisory Patent Examiner, Art Unit 2131 



